Re: [xmlsec] Missing encryptedkey ?

Aleksey Sanin Sat, 09 Jun 2012 09:14:31 -0700

Take a look at the tests in the tests/01-phaos-xmlenc-3/ folder.
In particular, enc-element-3des-kw-3des.tmpl


Aleksey

On 6/9/12 7:54 AM, Roland Hedberg wrote:
> Hi!
> 
> I'm trying to encrypt part of a XML message.
> 
> So I'm using the command:
> 
> xmlsec1 encrypt --pubkey-cert-pem mycert.pem \
>     --session-key des-192 --xml-data pre_saml2_response.xml \
>     --node-xpath 
> '/*[local-name()="Response"]/*[local-name()="Assertion"]/*[local-name()="Subject"]/*[local-name()="EncryptedID"]/text()'
>  \
>     encryption_template.xml
> 
> The encryption template looks like this:
> 
> <?xml version="1.0" encoding="UTF-8"?>
> <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#"; 
> Type="http://www.w3.org/2001/04/xmlenc#Element";>
>     <EncryptionMethod 
> Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
>     <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#";>
>         <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#";>
>             <EncryptionMethod 
> Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
>             <CipherData>
>                 <CipherValue></CipherValue>
>             </CipherData>
>         </EncryptedKey>
>     </KeyInfo>
>     <CipherData>
>         <CipherValue></CipherValue>
>     </CipherData>
> </EncryptedData>
> 
> The encryption works OK (no error message) and this is what is added to the 
> original XML file:
> 
> <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#";
>                Type="http://www.w3.org/2001/04/xmlenc#Element";>
>   <EncryptionMethod 
> Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
>   <CipherData>
>     
> <CipherValue>ZBx6+ENTu+nktBVSGunBlnBPGc4MXxNJg9vLd1Z/MBJKx2QU/W9kD7OJRQ+Op6ct+865Cgf/9AM=</CipherValue>
>   </CipherData>
> </EncryptedData>
> 
> I expected some information about the encrypted session key but nothing.
> What did I do wrong ?
> 
> Now, trying to decrypt the encrypted file I get "error=45:key is not found"
> which I interpret to mean that the session key is missing. Right/wrong ?
> 
> -- Roland
> ------------------------------------------------------
> Roland Hedberg
> IT Architect/Senior Researcher
> ICT Services and System Development (ITS) 
> Umeå University 
> SE-901 87 Umeå, Sweden        
> Phone +46 90 786 68 44
> Mobile +46 70 696 68 44 
> www.its.umu.se 
> 
> _______________________________________________
> xmlsec mailing list
> [email protected]
> http://www.aleksey.com/mailman/listinfo/xmlsec
_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec

Re: [xmlsec] Missing encryptedkey ?

Reply via email to